F-secure ANTI-VIRUS FOR MICROSOFT EXCHANGE ADMINISTRATOR GUIDE

F-Secure Anti-Virus for
Microsoft Exchange
Deployment Guide
"F-Secure" and the triangle symbol are registered trademarks of F-Secure Corporation and F-Secure product names and symbols/logos are either trademarks or registered trademarks of F-Secure Corporation. All product names referenced herein are trademarks or registered trademarks of their respective companies. F-Secure Corporation disclaims proprietary interest in the marks and names of others. Although F-Secure Corporation makes every effort to ensure that this information is accurate, F-Secure Corporation will not be liable for any errors or omission of facts contained herein. F-Secure Corporation reserves the right to modify specifications cited in this document without prior notice.
Companies, names and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of F-Secure Corporation.
Copyright © 1993-2010 F-Secure Corporation. All rights reserved. Portions Copyright © 2003 Commtouch ® Software Ltd. Copyright © 1997-2009 BitDefender.
This product includes software developed by the Apache Software Foundation (http:// www.apache.org/). Copyright © 2000-2007 The Apache Software Foundation. All rights reserved.
This product includes PHP, freely available from http://www.php.net/. Copyright © 1999-2007 The PHP Group. All rights reserved.
This product includes code from SpamAssassin. The code in the files of the SpamAssassin distribution are Copyright © 2000-2002 Justin Mason and others, unless specified otherwise in that particular file. All files in the SpamAssassin distribution fall under the same terms as Perl itself, as described in the “Artistic License”.
This product may be covered by one or more F-Secure patents, including the following:
GB2353372 GB2366691 GB2366692 GB2366693 GB2367933 GB2368233
GB2374260
Contents
About This Guide 4
How This Guide Is Organized .............................................................................................. 5
Conventions Used in F-Secure Guides ................................................................................ 6
Symbols ...................................................................................................................... 6
Chapter 1 Introduction 8
1.1 Overview ...................................................................................................................... 9
1.2 How F-Secure Anti-Virus for Microsoft Exchange Works...........................................10
1.3 Key Features..............................................................................................................13
1.4 Scanning Methods .....................................................................................................15
1.5 F-Secure Anti-Virus Mail Server and Gateway Products ...........................................16
Chapter 2 Deployment 17
2.1 Installation Modes ......................................................................................................18
2.2 Network Requirements...............................................................................................19
2.3 Deployment Scenarios ............................................................................................... 20
2.3.1 Single Exchange Server (2003/2007/2010).................................................... 21
2.3.2 Multiple Exchange 2003 Servers.................................................................... 22
2.3.3 Multiple Exchange Server 2007/2010 Roles ..................................................23
2.3.4 Large organization using Exchange 2007/2010 ............................................. 24
2.3.5 Centralized Quarantine Management............................................................. 26
1
Chapter 3 Installation 29
3.1 System Requirements................................................................................................ 30
3.1.1 Installation on Microsoft Exchange Server 2003 ............................................ 30
3.1.2 Installation on Microsoft Exchange Server 2007 ............................................ 32
3.1.3 Installation on Microsoft Exchange Server 2010 ............................................ 34
3.2 Centralized Management Requirements....................................................................35
3.3 Other System Component Requirements .................................................................. 35
3.3.1 SQL Server Requirements ............................................................................. 36
3.3.2 Additional Windows Components................................................................... 38
3.3.3 Web Browser Software Requirements ...........................................................38
3.4 Improving Reliability and Performance ...................................................................... 38
3.5 Centrally Administered or Stand-alone Installation? .................................................. 39
3.6 Installation Overview .................................................................................................. 40
3.7 Installing F-Secure Anti-Virus for Microsoft Exchange............................................... 41
3.8 After the Installation ...................................................................................................54
3.8.1 Importing Product MIB files to F-Secure Policy Manager Console.................54
3.8.2 Configuring the Product..................................................................................55
3.9 Upgrading from Previous Product Versions ............................................................... 57
3.10 Upgrading the Evaluation Version.............................................................................. 59
3.11 Uninstalling F-Secure Anti-Virus for Microsoft Exchange .......................................... 60
Chapter 4 Configuring F-Secure Spam Control 61
4.1 Overview .................................................................................................................... 62
4.2 Realtime Blackhole List Configuration ....................................................................... 63
4.2.1 Configuring Realtime Blackhole Lists ............................................................. 63
4.2.2 Optimizing F-Secure Spam Control Performance .......................................... 65
Appendix A Deploying the Product on a Cluster 67
A.1 Installation Overview ................................................................................................. 68
A.2 Creating Quarantine Storage ..................................................................................... 70
A.2.1 Quarantine Storage in Active-Passive Cluster ............................................... 70
A.2.2 Quarantine Storage in Active-Active Cluster ..................................................75
A.2.3 Creating the Quarantine Storage for a Single Copy Cluster Environment ..... 78
2
A.2.4 Creating the Quarantine Storage for a Continuous
Cluster Replication Environment ....................................................................85
A.2.5 Creating the Quarantine Storage for a Database
Availability Group Environment ......................................................................89
A.3 Installing the Product.................................................................................................. 93
A.3.1 Installing on Clusters with Quarantine as Cluster Resource ..........................93
A.3.2 Installing on Clusters with Quarantine on a Dedicated Computer.................. 96
A.4 Administering the Cluster Installation with F-Secure Policy Manager........................98
A.5 Using the Quarantine in the Cluster Installation......................................................... 99
A.6 Using the Product with High Availability
Architecture in Microsoft Exchange Server 2010101
A.7 Uninstallation............................................................................................................102
A.8 Troubleshooting .......................................................................................................102
Appendix B Services and Processes 103
B.1 List of Services and Processes ............................................................................... 104
Technical Support 108
F-Secure Online Support Resources ............................................................................... 109
Web Club ......................................................................................................................... 111
Virus Descriptions on the Web .........................................................................................111
About F-Secure Corporation
3

ABOUT THIS GUIDE

How This Guide Is Organized...................................................... 5
Conventions Used in F-Secure Guides ....................................... 6
4

How This Guide Is Organized

F-Secure Anti-Virus for Microsoft Exchange Deployment Guide is divided into the following chapters:
Chapter 1. Introduction. General information about F-Secure Anti-Virus
for Microsoft Exchange and other F-Secure Anti-Virus Mail Server and Gateway products.
Chapter 2. Deployment. Instructions and examples how to set up your
network environment before you can install F-Secure Anti-Virus for Microsoft Exchange.
Chapter 3. Installation. Instructions how to install and set up F-Secure
Anti-Virus for Microsoft Exchange.
Chapter 4. Configuring F-Secure Spam Control. Instructions on how to
configure F-Secure Spam Control.
Appendix A. Deploying the Product on a Cluster. Instructions how to
deploy and use F-Secure Anti-Virus for Microsoft Exchange on a cluster.
Appendix B. Services and Processes. Describes services, devices and
processes of F-Secure Anti-Virus for Microsoft Exchange.
About This Guide 5
Technical Support. Contains the contact information for assistance.
About F-Secure Corporation. Describes the company background and
products.
See the F-Secure Policy Manager Administrator's Guide for detailed information about installing and using the F-Secure Policy Manager components:
F-Secure Policy Manager Console, the tool for remote
administration of F-Secure Anti-Virus for Microsoft Exchange.
F-Secure Policy Manager Server, which enables communication
between F-Secure Policy Manager Console and the managed systems.
6

Conventions Used in F-Secure Guides

This section describes the symbols, fonts, and terminology used in this
manual.

Symbols

WARNING: The warning symbol indicates a situation with a risk of irreversible destruction to data.
IMPORTANT: An exclamation mark provides important information that you need to consider.
REFERENCE - A book refers you to related information on the topic available in another document.
NOTE - A note provides additional information that you should consider.
l
TIP - A tip provides information that can help you perform a task more quickly or easily.
Fonts
An arrow indicates a one-step procedure.
Arial bold (blue) is used to refer to menu names and commands, to
buttons and other items in a dialog box.
Arial Italics (blue) is used to refer to other chapters in the manual, book
titles, and titles of other manuals.
Arial Italics (black) is used for file and folder names, for figure and table
captions, and for directory tree names.
Courier New is used for messages on your computer screen.
Courier New bold is used for information that you must type.
SMALL CAPS (BLACK) is used for a key or key combination on your
keyboard.
CHAPTER 2 7
PDF Document
For More Information
Arial underlined (blue)
Arial italics is used for window and dialog box names.
This manual is provided in PDF (Portable Document Format). The PDF document can be used for online viewing and printing using Adobe® Acrobat® Reader. When printing the manual, please print the entire manual, including the copyright and disclaimer statements.
Visit F-Secure at http://www.f-secure.com for documentation, training courses, downloads, and service and support contacts.
In our constant attempts to improve our documentation, we would welcome your feedback. If you have any questions, comments, or suggestions about this or any other F-Secure document, please contact us at documentation@f-secure.com
is used for user interface links.
.
1

INTRODUCTION

Overview....................................................................................... 9
How F-Secure Anti-Virus for Microsoft Exchange Works........... 10
Key Features .............................................................................. 13
Scanning Methods...................................................................... 15
F-Secure Anti-Virus Mail Server and Gateway Products............ 16
8

1.1 Overview

CHAPTER 1 9
Introduction
Malicious code, such as computer viruses, is one of the main threats for companies today. In the past, malicious code spread mainly via disks and the most common viruses were the ones that infected disk boot sectors. When users began to use office applications with macro capabilities ­such as Microsoft Office - to write documents and distribute them via mail and groupware servers, macro viruses started spreading rapidly.
After the millennium, the most common spreading mechanism has been the e-mail. Today about 90% of viruses arrive via e-mail. E-mails provide a very fast and efficient way for viruses to spread themselves without any user intervention and that is why e-mail worm outbreaks, like Sober, Netsky and Bagle, have caused a lot of damage around the world.
F-Secure Anti-Virus Mail Server and Gateway products are designed to protect your company's mail and groupware servers and to shield the company network from any malicious code that travels in HTTP or SMTP traffic. In addition, they protect your company network against spam. The protection can be implemented on the gateway level to screen all incoming and outgoing e-mail (SMTP), web surfing (HTTP and FTP-over-HTTP) and file transfer (FTP) traffic. Furthermore, it can be implemented on the mail server level so that it does not only protect inbound and outbound traffic but also internal mail traffic and public sources, such as public folders on Microsoft Exchange servers.
Providing the protection already on the gateway level has plenty of advantages. The protection is easy and fast to set up and install, compared to rolling out antivirus protection on hundreds or thousands of workstations. The protection is also invisible to the end users which ensures that the system cannot be by-passed and makes it easy to maintain. Of course, protecting the gateway level alone is not enough to provide a complete antivirus solution; file server and workstation level protection is needed, also.
Why clean 1000 workstations when you can clean one attachment at the gateway level?
10

1.2 How F-Secure Anti-Virus for Microsoft Exchange Works

F-Secure Anti-Virus for Microsoft Exchange is designed to detect and disinfect viruses and other malicious code from e-mail transmissions through Microsoft Exchange Server. Scanning is done in real time as the mail passes through Microsoft Exchange Server. On-demand scanning of user mailboxes and public folders is also available.
Scanning
Attachments and
Message Bodies
Flexible and Scalable
Anti-Virus Protection
Alerting F-Secure Anti-Virus for Microsoft Exchange has extensive alerting
Powerful and Always
Up-to-date
F-Secure Anti-Virus for Microsoft Exchange scans attachments and message bodies for malicious code. It can also be instructed to remove particular attachments according to the file name or the file extension.
If the intercepted mail contains malicious code, F-Secure Anti-Virus for Microsoft Exchange can be configured to disinfect or drop the content. Any malicious code found during the scan process can be placed in the Quarantine, where it can be further examined. Stripped attachments can also be placed in the Quarantine for further examination.
F-Secure Anti-Virus for Microsoft Exchange is installed on Microsoft Exchange Server and it intercepts mail traveling to and from mailboxes and public folders. The messages and documents are scanned with the scanning component, F-Secure Content Scanner Server, which also disinfects the infected messages.
functions, which means that the system administrator can specify a recipient, such as the network administrator, to be notified about the infection found in the data content.
F-Secure Anti-Virus for Microsoft Exchange uses the award-winning F-Secure Anti-Virus techniques and scanning engines to ensure the highest possible detection rate and disinfection capability. The F-Secure Anti-Virus definition databases are updated typically multiple times a day and they provide F-Secure Anti-Virus for Microsoft Exchange an always up-to-date protection capability.
CHAPTER 1 11
Introduction
F-Secure Anti-Virus scanner consistently ranks at the top when compared to competing products. Our team of dedicated virus researchers is on call 24-hours a day responding to new and emerging threats. In fact, F-Secure is one of the only companies to release tested virus definition updates continuously, to make sure our customers are receiving the highest quality service and protection.
Virus and Spam
Outbreak Detection
Stand-alone and
Centralized
Administration Modes
Scalability and
Reliability
Easy to
Administer
Massive spam and virus outbreaks consist of millions of messages which share at least one identifiable pattern that can be used to distinguish the outbreak. Any message that contains one or more of these patterns can be assumed to be a part of the same spam or virus outbreak.
F-Secure Anti-Virus for Microsoft Exchange can identify these patterns from the message envelope, headers and body, in any language, message format and encoding type. It can detect spam messages and new viruses during the first minutes of the outbreak.
F-Secure Anti-Virus for Microsoft Exchange can be installed either in stand-alone or centrally administered mode. Depending on how it has been installed, F-Secure Anti-Virus for Microsoft Exchange is managed either with the F-Secure Anti-Virus for Microsoft Exchange Web Console or F-Secure Policy Manager.
F-Secure Policy Manager provides a scalable way to manage the security of multiple applications on multiple operating systems, from one central location. F-Secure Policy Manager is comprised of two components, F-Secure Policy Manager Console and F-Secure Policy Manager Server, which are used to administer applications. They are seamlessly integrated with the F-Secure Management Agents that handle all management functions on local hosts.
If F-Secure Anti-Virus for Microsoft Exchange is installed in stand-alone mode it can be managed with the web-based user interface.
If F-Secure Anti-Virus for Microsoft Exchange has been installed in centrally administered configuration, it is managed with F-Secure Policy Manager. With its graphical user interface, F-Secure Policy Manager Console provides a centralized view of the domains and hosts in your network, lets you configure the security policies for all F-Secure
12
components and set up scheduled scans and run manual scanning operations. F-Secure Policy Manager receives status information from F-Secure Anti-Virus for Microsoft Exchange.
F-Secure Policy Manager Server is the server side component that handles communication between F-Secure Anti-Virus for Microsoft Exchange and F-Secure Policy Manager Console. It exchanges security policies, software updates, status information, statistics, alerts, and other information between F-Secure Policy Manager Console and all managed systems.
Figure 1-1 (1) E-mail arrives from the Internet to F-Secure Anti-Virus for Microsoft Exchange, which (2) filters malicious content from mails and attachments, and (3) delivers cleaned files forward.

1.3 Key Features

F-Secure Anti-Virus for Microsoft Exchange provides the following features and capabilities.
Superior Protection Superior detection rate with multiple scanning engines.
Scanning engines updated automatically with the latest versions. Automatic malicious code detection and disinfection. The grayware scan detects spyware, adware, dialers, joke
programs, remote access tools, and any other unwelcome files and programs.
Heuristic scanning detects also unknown Windows and macro
viruses.
Recursive scanning of ARJ, BZ2, CAB, GZ, JAR, LZH, MSI,
RAR, TAR, TGZ, Z and ZIP archive files.
Automatic and consistent virus definition database updates. Suspicious and unsafe attachments can be stripped away from
e-mails.
Password protected archives can be treated as unsafe. Intelligent file type recognition. Message filtering based on keywords in message subjects and
text.
CHAPTER 1 13
Introduction
Virus Outbreak
Detection
The virus outbreak detection is an additional active layer of
protection that automatically detects virus outbreaks and quarantines suspicious messages.
Virus outbreaks are transparently detected and infected
messages are quarantined before the outbreak becomes widespread.
Quarantined unsafe messages can be reprocessed
automatically.
14
Transparency and
Scalability
Viruses are intercepted before they can enter the network and
spread out on workstations and servers.
Real-time scanning of internal, inbound and outbound mail
messages and public folder notes.
Automatic protection of new mailboxes and public folders. Total transparency to end-users. Users cannot bypass the
system, which means that messages and documents cannot be exchanged without scanning.
Management Controlling and monitoring the behavior of the products remotely.
Starting predefined operations remotely. Monitoring statistics provided by the products remotely with
F-Secure Policy Manager or F-Secure Anti-Virus for Microsoft Exchange Web Console.
Possibility to configure and manage stand-alone installations with
the convenient F-Secure Anti-Virus for Microsoft Exchange Web Console.
You can manage and search quarantined content with the
F-Secure Anti-Virus for Microsoft Exchange Web Console.
When F-Secure Anti-Virus for Windows Servers is installed on
the same computer, both products can be administered with the common web-based user interface.
Protection against
Spam
Possible spam messages are transparently detected before they
become widespread.
Efficient spam detection based on different analyses on the
e-mail content.
Multiple filtering mechanisms guarantee the high accuracy of
spam detection.
Spam messages can be separated from legitimate messages and
processed using the Spam Confidence Levels.
Spam detection works in every language and message format.

1.4 Scanning Methods

Virus Scanning
The virus scan uses virus definition databases to detect and disinfect viruses. Virus definition databases are updated typically multiple times a day and they provide an always up-to-date protection capability.
Heuristic Scanning
The heuristic scan analyzes files for suspicious code behavior so that the product can detect unknown malware.
Proactive Virus Threat Detection
The proactive virus threat detection analyzes e-mail messages for possible virus patterns and security threats. All possibly harmful messages are quarantined as unsafe. The proactive virus threat detection can detect new viruses during the first minutes of the outbreak.
Grayware Scanning
The grayware scan detects applications that have annoying or undesirable behavior that can reduce the performance of computers on the network and introduce significant security risks to your organization. Grayware includes spyware, adware, dialers, joke programs, remote access tools, and any other unwelcome files and programs that can perform a variety of undesired and threatening actions, such as irritating users with pop-up windows, logging user key strokes, and exposing the computer to vulnerabilities.
CHAPTER 1 15
Introduction
16

1.5 F-Secure Anti-Virus Mail Server and Gateway Products

The F-Secure Anti-Virus product line consists of workstation, file server, mail server, gateway and mobile products.
F-Secure Anti-Virus for Microsoft Exchange™ protects your
Microsoft Exchange users from malicious code contained within files they receive in mail messages and documents they open from shared databases. Malicious code is also stopped in outbound messages and in notes being posted on public folders. The product operates transparently and scans files in the Exchange Server Information Store in real-time. Manual and scheduled scans of user mailboxes and public folders are also supported.
F-Secure Internet Gatekeeper for Linux™ provides a
high-performance solution at the Internet gateway level, stopping viruses and other malicious code before they spread to end users desktops or corporate servers. The product scans SMTP, HTTP, FTP and POP3 traffic for viruses, worms and trojans, and blocks and filters out specified file types. ActiveX and Java code can also be scanned or blocked. The product receives updates automatically from F-Secure, keeping the virus protection always up to date. A powerful and easy-to-use management console simplifies the installation and configuration of the product.
F-Secure Messaging Security Gateway™ delivers the
industry’s most complete and effective security for e-mail. It combines a robust enterprise-class messaging platform with perimeter security, antispam, antivirus, secure messaging and outbound content security capabilities in an easy-to-deploy, hardened appliance.
2

DEPLOYMENT

Installation Modes....................................................................... 18
Network Requirements............................................................... 19
Deployment Scenarios ............................................................... 20
17
18

2.1 Installation Modes

F-Secure Anti-Virus for Microsoft Exchange can be installed either in stand-alone or centrally administered mode. In stand-alone installation, F-Secure Anti-Virus for Microsoft Exchange is managed with Web Console. In centrally administered mode, it is managed centrally with F-Secure Policy Manager components: F-Secure Policy Manager Server and F-Secure Policy Manager Console.
To administer F-Secure Anti-Virus for Microsoft Exchange in the centrally administered mode, you have to install the following components:
F-Secure Policy Manager Server (on a dedicated machine) F-Secure Policy Manager Console (on the administrator's
machine or on the same machine with F-Secure Policy Manager Server).
For up-to-date information on supported platforms, see F-Secure Policy Manager Release Notes.

2.2 Network Requirements

This network configuration is valid for all scenarios described in this chapter. Make sure that the following network traffic can pass through:
Service Process Inbound ports Outbound ports
CHAPTER 2 19
Deployment
F-Secure Content Scanner Server
F-Secure Anti-Virus for Microsoft Exchange Web Console
F-Secure Update Agent
F-Secure Network Request Broker
F-Secure Management Agent
F-Secure Quarantine Manager
Automatic
%ProgramFiles%\F-Secure\Cont ent Scanner Server\fsavsd.exe
%ProgramFiles%\F-Secure\Web User Interface\bin\fswebuid.exe
%ProgramFiles%\F-Secure\FSA UA\program\fsaua.exe
%ProgramFiles%\F-Secure\Com mon\fnrb32.exe
%ProgramFiles%\F-Secure\Com mon\fameh32.exe
%ProgramFiles%\F-Secure\Quar antine Manager\fqm.exe
18971 (TCP) (on localhost only)
25023 DNS (53, UDP and TCP),
- DNS (53, UDP and TCP),
- DNS (53, UDP/TCP),
- DNS (53, UDP/TCP),
- DNS (53, UDP/TCP),
DNS (53, UDP/TCP), HTTP (80) or another known port used for HTTP proxy
1433 (TCP), only with the dedicated SQL server
HTTP (80) and/or another port used to connect to
F-Secure Server
HTTP (80) or another port used to connect to F-Secure Policy Manager Server
SMTP (25)
1433 (TCP), only with the dedicated SQL server
Policy Manager
F-Secure World Map Reporting Service
%ProgramFiles%\F-Secure\Cont ent Scanner Server\fswmrsvc.exe
- DNS (53, UDP/TCP), SMTP (25)
20

2.3 Deployment Scenarios

Depending on how the Microsoft Exchange Server roles are deployed in your environment, you might consider various scenarios of deploying F-Secure Anti-Virus for Microsoft Exchange. There are various ways to deploy F-Secure Anti-Virus for Microsoft Exchange that are suitable to different environments:
If you have just a single Microsoft Exchange Server, see “Single
Exchange Server (2003/2007/2010)”, 21.
If you have multiple Microsoft Exchange Servers, see “Multiple
Exchange 2003 Servers”, 22.
If you have multiple Microsoft Exchange Servers with Exchange
Edge and Mailbox Server roles, see “Multiple Exchange Server
2007/2010 Roles”, 23.
If you have multiple Microsoft Exchange Servers deployed on
dedicated servers with server roles and possibly clustered mailbox servers, see “Large organization using Exchange 2007/
2010”, 24.
If you have multiple Microsoft Exchange Server installations and
you want to configure the product to use one SQL server and database for the quarantine management, see “Centralized
Quarantine Management”, 26.

2.3.1 Single Exchange Server (2003/2007/2010)

Your organization has a single server (Microsoft Exchange Server 2003/ 2007/2010 or Microsoft Small Business Server 2003/2008) that holds all mailboxes, public folders and sends and receives all inbound and outbound messages over SMTP. Usually, the server is located behind the firewall or router.
CHAPTER 2 21
Deployment
Installing F-Secure Anti-Virus for Microsoft Exchange
Install F-Secure Anti-Virus for Microsoft Exchange to the server running Microsoft Exchange Server or Microsoft Small Business Server.
Administration Modes
You can install the product in stand-alone mode and administer it with the Web Console.
The product receives anti-virus and spam database updates from F-Secure Update Server.
22

2.3.2 Multiple Exchange 2003 Servers

Your organization has multiple Microsoft Exchange Server 2003 installations. Usually, the front-end server is located in the perimeter network and receives inbound mail using SMTP and forwards all messages to the back-end server. The back-end Exchange server holds all mailboxes and public folders. In a larger organization, back-end servers may be clustered.
Installing F-Secure Anti-Virus for Microsoft Exchange
Install F-Secure Anti-Virus for Microsoft Exchange to both front-end and back-end Exchange servers. In addition, the front-end server can be protected with F-Secure Spam Control.
Administration Modes
Install F-Secure Policy Manager Server on a dedicated server or on the same server with one of Exchange servers. You can administer the product with F-Secure Policy Manager Console.
When you install the product, configure each installation to connect to the same F-Secure Policy Manager Server.
The product installations receive anti-virus and spam database updates from F-Secure Policy Manager Server, which receives updates from F-Secure Update Server.

2.3.3 Multiple Exchange Server 2007/2010 Roles

CHAPTER 2 23
Deployment
Your organization has multiple Microsoft Exchange Server 2007/2010 installations. Exchange Edge and Mailbox Server roles are deployed to separate servers and the Hub Server is deployed either on a separate server or on the same server with the Mailbox Server. The Edge Server handles incoming and outgoing messages using SMTP and Mailbox Server holds all mailboxes and public folders and Hub Server routes mail traffic between Exchange servers.
Installing F-Secure Anti-Virus for Microsoft Exchange
Install F-Secure Anti-Virus for Microsoft Exchange to all servers where Exchange Edge, Hub and Mailbox Server roles are deployed. In addition, the Edge server can be protected with F-Secure Spam Control.
If the Exchange role is changed later, the product has to be reinstalled.
24
Administration Modes
Install F-Secure Policy Manager Server on a dedicated server or on the same server with one of Exchange servers. You can administer the product with F-Secure Policy Manager Console.
When you install the product, configure each installation to connect to the same F-Secure Policy Manager Server.
The product installations receive anti-virus and spam database updates from F-Secure Policy Manager Server, which receives updates from F-Secure Update Server.

2.3.4 Large organization using Exchange 2007/2010

Your organization has multiple Microsoft Exchange Server 2007/2010 installations. All Exchange roles are deployed on dedicated servers. Mailbox servers are possibly clustered.
CHAPTER 2 25
Deployment
Installing F-Secure Anti-Virus for Microsoft Exchange
Install F-Secure Anti-Virus for Microsoft Exchange to the server where Exchange Edge, Hub and Mailbox Server roles are deployed. In addition, the Edge server can be protected with F-Secure Spam Control.
Do not install the product to Client Access or Unified Messaging Server roles.
Installing F-Secure Spam Control
F-Secure Spam Control can be installed on the Edge server.
Administration Modes
Install F-Secure Policy Manager Server on a dedicated server. You can administer the product with F-Secure Policy Manager Console.
When you install the product, configure each installation to connect to the same F-Secure Policy Manager Server.
The product installations receive anti-virus and spam database updates from F-Secure Policy Manager Server, which receives updates from F-Secure Update Server.
26

2.3.5 Centralized Quarantine Management

Your organization has multiple Microsoft Exchange Server installations. For example, you have front-end and back-end servers running Exchange Server 2003, or a network configuration with Edge and Mailbox roles running Exchange Server 2007/2010.
Microsoft SQL Server is installed on a dedicated server or on the server running F-Secure Policy Manager Server.
CHAPTER 2 27
Deployment
Installing F-Secure Anti-Virus for Microsoft Exchange
When you install the product, configure each installation to use the same SQL server and database.
Make sure that the SQL server, the database name, user name
and password are identical in the quarantine configuration for all F-Secure Anti-Virus for Microsoft Exchange installations.
Make sure that all the servers are allowed to communicate with
the SQL server using mixed mode authentication. For more information, see “Enabling the mixed mode authentication in the
Microsoft SQL Server”, 27.
In environments with heavy e-mail traffic, it is recommended to
use a Microsoft SQL server installed on a separate server. When using the free Microsoft SQL Server 2005 Express Edition included in F-Secure Anti-Virus for Microsoft Exchange, the Quarantine database size is limited to 4 GB.
You can use F-Secure Anti-Virus for Microsoft Exchange Web
Console to manage and search quarantined content. For more information, consulft F-Secure Anti-Virus for Microsoft Exchange Administrator’s Guide.
Enabling the mixed mode authentication in the Microsoft SQL Server
If you install Microsoft SQL Server 2005/2008 separately, it supports Windows Authentication only by default. You have to change the authentication to mixed mode during the setup or configure it later with Microsoft SQL Server user interface.
The mixed mode authentication allows you to log into the SQL server with either your Windows or SQL username and password.
Make sure that the sa password is strong when you change the authentication mode from the Windows authentication to the mixed authentication mode.
28
Follow these steps to change the authentication mode:
1. Open Microsoft SQL Server Management Studio or Microsoft SQL Server Management Studio Express.
If you do not have Microsoft SQL Server Management Studio installed, you can freely download Management Studio Express from the Microsoft web site
.
2. Connect to the SQL server.
3. In Object Explorer, go to Security > Logins.
4. Right-click on sa and select Properties.
5. Open the General page and change the password. Confirm the new
password that you entered.
6. Open the Status page and select Enabled in the Login section.
7. Click OK.
8. In Object Explorer, right-click on the server name and select
Properties.
9. On the Security page, select SQL Server and Windows
Authentication mode under Server authentication.
10. Click OK.
11. Right-click on the server name and select Restart.
Wait for a moment for the service to restart before you continue.
12. Use Management Studio to test the connection to the SQL server with
the sa account and the new password you set.
Loading...
+ 85 hidden pages